Background I was talking in Intern0t several months ago. AcidGen, from IOActive mentioned that he found a bug in XBMC. I use XBMC quite a bit at home, on various platforms, since it’s extremely wife-friendly. I hit him up, and we started talking. We had a nice Skype conversation, where we discussed possible platforms that were affected, and future exploits that we’d like to find. Since I had a jailbroken Apple TV 2 and RaspberryPi, I told him that I could test those platforms and help out.

Finally, with level 7 of OverTheWire’s Natas wargame, we start to get to more “real world” vulnerabilities. It’s still very easy, but it’s at least getting better.
We start with a single page, that has 2 navigation links.
I noted that the URLs had a “page=” parameter. I thought maybe this would be the file it was including. Viewing the source gave a nice reminder of where the password for the next level would be stored.